public function online($sql, $block, $block_title, $unset_legend = false) {
global $user;
static $user_bots;
if (!isset($user_bots)) {
obtain_bots($bots);
$bots = w();
foreach ($bots as $row) {
$user_bots[$row['user_id']] = true;
}
}
foreach (w('last_user_id users_visible users_hidden users_guests users_bots last_ip users_online') as $v) {
${$v} = 0;
}
_style($block, array(
'L_TITLE' => lang($block_title))
);
_style($block . '.members');
$is_founder = $user->is('founder');
$result = sql_rowset($sql);
foreach ($result as $row) {
if ($row['user_id'] != GUEST) {
if ($row['user_id'] != $last_user_id) {
$is_bot = isset($user_bots[$row['user_id']]);
if (!$row['user_hideuser']) {
$username = $row['username'];
if ($is_bot) {
$users_bots++;
} else {
$users_visible++;
}
} else {
$username = '******' . $row['username'];
$users_hidden++;
}
if (((!$row['user_hideuser'] || $is_founder) && !$is_bot) || ($is_bot && $is_founder)) {
_style($block . '.members.item', array(
'USERNAME' => $username,
'PROFILE' => s_link('m', $row['username_base']))
);
}
}
$last_user_id = $row['user_id'];
} else {
if ($row['session_ip'] != $last_ip) {
$users_guests++;
}
$last_ip = $row['session_ip'];
}
}
$users_total = $users_visible + $users_hidden + $users_guests + $users_bots;
if (!($users_visible + $users_hidden) || (!$users_visible && $users_hidden)) {
_style($block . '.members.none');
}
_style($block . '.legend');
$online_ary = array(
'MEMBERS_TOTAL' => $users_total,
'MEMBERS_VISIBLE' => $users_visible,
'MEMBERS_GUESTS' => $users_guests,
'MEMBERS_HIDDEN' => $users_hidden,
'MEMBERS_BOT' => $users_bots
);
if ($unset_legend !== false) {
unset($online_ary[$unset_legend]);
}
foreach ($online_ary as $lk => $vk) {
if (!$vk && $lk != 'MEMBERS_TOTAL') {
continue;
}
_style($block . '.legend.item', array(
'L_MEMBERS' => lang($lk . (($vk != 1) ? '2' : '')),
'ONLINE_VALUE' => $vk)
);
}
return;
}
/**
* Create a new session
*
* If upon trying to start a session we discover there is nothing existing we
* jump here. Additionally this method is called directly during login to regenerate
* the session for the specific user. In this method we carry out a number of tasks;
* garbage collection, (search)bot checking, banned user comparison. Basically
* though this method will result in a new session for a specific user.
*/
public function session_create($user_id = false, $set_admin = false, $update_page = true, $is_inactive = false) {
global $config;
$this->data = w();
if (strpos($this->page, 'signin')) {
$this->page = '';
}
// Garbage collection ... remove old sessions updating user information
// if necessary. It means (potentially) 11 queries but only infrequently
if ($this->time > $config['session_last_gc'] + $config['session_gc']) {
$this->session_gc();
}
/**
* Here we do a bot check. We loop through the list of bots defined by
* the admin and see if we have any useragent and/or IP matches. If we
* do, this is a bot, act accordingly
*/
$bot = false;
$active_bots = w();
obtain_bots($active_bots);
foreach ($active_bots as $row) {
if ($row['bot_agent'] && strpos(strtolower($this->browser), strtolower($row['bot_agent'])) !== false) {
$bot = $row['user_id'];
}
// If ip is supplied, we will make sure the ip is matching too...
if ($row['bot_ip'] && ($bot || !$row['bot_agent'])) {
// Set bot to false, then we only have to set it to true if it is matching
$bot = false;
foreach (explode(',', $row['bot_ip']) as $bot_ip) {
if (strpos($this->ip, $bot_ip) === 0) {
$bot = (int) $row['user_id'];
break;
}
}
}
if ($bot) {
break;
}
}
// If we've been passed a user_id we'll grab data based on that
if ($user_id !== false) {
$this->cookie_data['u'] = $user_id;
$sql = 'SELECT *
FROM _members
WHERE user_id = ?
AND user_type <> ?';
$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u'], USER_INACTIVE));
}
// If no data was returned one or more of the following occured:
// User does not exist
// User is inactive
// User is bot
if (!sizeof($this->data) || !is_array($this->data)) {
$this->cookie_data['u'] = ($bot) ? $bot : GUEST;
$sql = 'SELECT *
FROM _members
WHERE user_id = ?';
$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u']));
}
if ($this->data['user_id'] != 1) {
$sql = 'SELECT session_time, session_id
FROM _sessions
WHERE session_user_id = ?
ORDER BY session_time DESC
LIMIT 1';
if ($sdata = sql_fieldrow(sql_filter($sql, $this->data['user_id']))) {
$this->data = array_merge($sdata, $this->data);
unset($sdata);
$this->session_id = $this->data['session_id'];
}
$this->data['session_last_visit'] = (isset($this->data['session_time']) && $this->data['session_time']) ? $this->data['session_time'] : (($this->data['user_lastvisit']) ? $this->data['user_lastvisit'] : $this->time);
} else {
$this->data['session_last_visit'] = $this->time;
}
// At this stage we should have a filled data array, defined cookie u and k data.
// data array should contain recent session info if we're a real user and a recent
// session exists in which case session_id will also be set
// Is user banned? Are they excluded? Won't return on ban, exists within method
// @todo Change to !$this->data['user_type'] & USER_FOUNDER && !$this->data['user_type'] & USER_BOT in time
// Fix 1 day problem
//if ($this->data['user_type'] != USER_FOUNDER) {
//$this->check_ban();
//}
//
// Do away with ultimately?
$this->data['is_member'] = (!$bot && $this->data['user_id'] != 1) ? true : false;
$this->data['is_bot'] = ($bot) ? true : false;
$this->data['is_founder'] = ($this->data['user_id'] != 1 && $this->data['user_type'] == USER_FOUNDER && !$this->data['is_bot']) ? true : false;
//
//
// Create or update the session
$sql_ary = array(
'session_user_id' => (int) $this->data['user_id'],
'session_start' => (int) $this->time,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $this->time,
'session_browser' => (string) $this->browser,
'session_ip' => (string) $this->ip,
'session_admin' => ($set_admin) ? 1 : 0
);
if ($update_page) {
$sql_ary['session_page'] = (string) $this->page;
$this->data['session_page'] = $sql_ary['session_page'];
}
$sql = 'UPDATE _sessions SET ??
WHERE session_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_ary), $this->session_id));
if (!$this->session_id || !sql_affectedrows()) {
$this->session_id = $this->data['session_id'] = md5(unique_id());
$sql_ary['session_id'] = (string) $this->session_id;
sql_insert('sessions', $sql_ary);
}
if (!$bot) {
$cookie_expire = $this->time + 31536000;
$this->set_cookie('u', $this->cookie_data['u'], $cookie_expire);
$this->set_cookie('sid', $this->session_id, 0);
if ($this->data['is_member']) {
$this->register_ip();
}
unset($cookie_expire);
}
return true;
}
